package com.txm.security;


import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.builders.WebSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;

//@Configuration
//@EnableWebSecurity
public class SecurityConfig extends WebSecurityConfigurerAdapter {
    @Autowired
    private SecurityUserService securityUserService;
    @Autowired
    private SuccessHandler successHandler;

    @Autowired
    public void configureGlobal(AuthenticationManagerBuilder auth) throws Exception {
//从数据库中获取账号信息securityUserService()返回一个实现 UserDetailsService 接口的类
        auth.userDetailsService(securityUserService);
      /*  auth.authenticationProvider(authenticationProvider());*/
    }


    public void configure(WebSecurity web) throws Exception {
        web.ignoring().antMatchers("/weixin/weixin.do", "/**");
    }

    protected void configure(HttpSecurity http) throws Exception {
        http
                .authorizeRequests()
                .antMatchers("/resources/**", "/*.jsp", "/blog/**").permitAll()
                .antMatchers("/sys/**").access("hasRole('ADMIN')")
                .anyRequest().authenticated()
                .and()
                .formLogin()
                .loginPage("/sign-in.jsp").passwordParameter("password").usernameParameter("username").successHandler(successHandler)
                .permitAll()
                .and().rememberMe().rememberMeParameter("remember-me").tokenValiditySeconds(86400)
                .and().exceptionHandling().accessDeniedPage("/sign-in.jsp")
                .and()
                .logout()
                .permitAll().and()
                .httpBasic();
    }


}